new phishing scheme

[chas]

I just got a new kind of phishing email. It's a faux receipt from paypal, with a delivery address in my old hometown! (This was a little startling, because my car was broken into a couple of weeks ago, and I was just home for Thanksgiving.) So the phishers have gone to new lengths, writing routines to match last names up with towns. I find it very creepy.

If you get something like this, there are a couple of giveaways. The one that I got was actually an image, but the messages from paypal (and presumably other companies) are text. The real giveaway, though, is if you put your cursor over the "dispute this charge" or "login" links, the address that appears isn't a paypal.com address (at least it works this way on Macs).

[emmline]

Always good to have a heads up. As everyone should by now be aware, it pays to be suspicious of any unexpected email, particularly if it contains links or attachments.

[Wormdiet]

I just got a new kind of phishing email. It's a faux receipt from paypal, with a delivery address in my old hometown! (This was a little startling, because my car was broken into a couple of weeks ago, and I was just home for Thanksgiving.) So the phishers have gone to new lengths, writing routines to match last names up with towns. I find it very creepy.

If you get something like this, there are a couple of giveaways. The one that I got was actually an image, but the messages from paypal (and presumably other companies) are text. The real giveaway, though, is if you put your cursor over the "dispute this charge" or "login" links, the address that appears isn't a paypal.com address (at least it works this way on Macs).

I have been getting similar messages from "EBay." The tipoff?

I don't actually have an Ebay account!

[Bloomfield]

That's just so sad and horrible. People trying to take advantage of you. Hate that.

I've had some bad experiences with phishing, and so I've had to develop some expertise in recognizing these spoof emails. If you get one that might be suspicious, I'll be happy to take a look for you. Simply forward the email to me (bloomfield AT the-spa.com) along with your full name, credit card number, expiration date, three-digit security code on the back of the card, social security number, and billing address. I'll let you know if the email was from phishers.

[BrassBlower]

That's just so sad and horrible. People trying to take advantage of you. Hate that.

I've had some bad experiences with phishing, and so I've had to develop some expertise in recognizing these spoof emails. If you get one that might be suspicious, I'll be happy to take a look for you. Simply forward the email to me (bloomfield AT the-spa.com) along with your full name, credit card number, expiration date, three-digit security code on the back of the card, social security number, and billing address. I'll let you know if the email was from phishers.

[Cynth]

That's just so sad and horrible. People trying to take advantage of you. Hate that.

I've had some bad experiences with phishing, and so I've had to develop some expertise in recognizing these spoof emails. If you get one that might be suspicious, I'll be happy to take a look for you. Simply forward the email to me (bloomfield AT the-spa.com) along with your full name, credit card number, expiration date, three-digit security code on the back of the card, social security number, and billing address. I'll let you know if the email was from phishers.

Okay, I think I'm learning because this sounds phishy to me!

[Lambchop]

That's just so sad and horrible. People trying to take advantage of you. Hate that.

I've had some bad experiences with phishing, and so I've had to develop some expertise in recognizing these spoof emails. If you get one that might be suspicious, I'll be happy to take a look for you. Simply forward the email to me (bloomfield AT the-spa.com) along with your full name, credit card number, expiration date, three-digit security code on the back of the card, social security number, and billing address. I'll let you know if the email was from phishers.

Okay, I think I'm learning because this sounds phishy to me!

He needs that information to check on the phishers. Otherwise, he wouldn't know anything about the account they're phishing for and he couldn't tell if it was phishing or not.

[TonyHiggins]

I don't know if they do much with the info, but paypal asks you to forward these emails to them for investigation.
Tony

[Cynth]

That's just so sad and horrible. People trying to take advantage of you. Hate that.

I've had some bad experiences with phishing, and so I've had to develop some expertise in recognizing these spoof emails. If you get one that might be suspicious, I'll be happy to take a look for you. Simply forward the email to me (bloomfield AT the-spa.com) along with your full name, credit card number, expiration date, three-digit security code on the back of the card, social security number, and billing address. I'll let you know if the email was from phishers.

Okay, I think I'm learning because this sounds phishy to me!

He needs that information to check on the phishers. Otherwise, he wouldn't know anything about the account they're phishing for and he couldn't tell if it was phishing or not.

But Lamby, isn't this the very info you should never send to someone? And his email is at a spa. Who knows where it is, probably Ibiza or something.

[Bloomfield]

Okay, I think I'm learning because this sounds phishy to me!

He needs that information to check on the phishers. Otherwise, he wouldn't know anything about the account they're phishing for and he couldn't tell if it was phishing or not.

But Lamby, isn't this the very info you should never send to someone? And his email is at a spa. Who knows where it is, probably Ibiza or something.

It's information you should never send to phishers. Sending it to Bloomphield is okay.

P.S.
About my email being "@the-spa.com": I am always sitting in a hot tub with Gin, Tonic, Clara & Angelique when checking emails, that's all.

[TelegramSam]

The trick is that you just never click on anything in emails. If you get something from ebay or paypal you might think is legit, type in the homepage for them into your browser and log in from there.

[rebl_rn]

I don't know if they do much with the info, but paypal asks you to forward these emails to them for investigation.
Tony

I don't know how much they actually do with it either, but I did forward a phishy email I got to them and a few days later got a reply from them saying thanks for sending it and yep, it wasn't from us.

[Snuh]

"Oh, it's not a scam!
You send them all of your credit card numbers, see,
and if just ONE of them is lucky, you win a prize!"
- Grandpa Simpson

[Lambchop]

Okay, I think I'm learning because this sounds phishy to me!

He needs that information to check on the phishers. Otherwise, he wouldn't know anything about the account they're phishing for and he couldn't tell if it was phishing or not.

But Lamby, isn't this the very info you should never send to someone? And his email is at a spa. Who knows where it is, probably Ibiza or something.

It only looks that way, Cynth. It's just like those calls you get from bank detectives investigating crimes. You know, the ones who need your account number and pin number and all so they can catch the criminal in the act with it.

We have spas here, and that's how I know about them. They're verrrrry nice! They won't let people in there unless they have lots of money. When you think about it, it's really a good deed Bloomie is doing, since he's having to take time away from all those mineral soaks and massages. Most people, after spending that kind of money, wouldn't give you the time of day. Not our Bloomie!

[Cynth]

You know, just as a brief detour. I read, and now cannot find, some very scary safety information about hot tubs. I knew you weren't supposed to drink (are you listening, Bloomfield?) while you were in the hot tub. But apparently some have unsafe drains, which are extremely powerful, and people have been killed by them. Their hair or other body parts get sucked into them. I wish I could find the website, but it said that two people had actually been disemboweled! There are special safe drain caps apparently. I would never go in a hot tub.

Oh, I just found it.http://www.cpsc.gov/cpscpub/pubs/5112.html

Hair Entanglement -- Since 1990, CPSC has reports of 43 incidents (including 12 deaths) in which people's hair was sucked into the suction fitting of a spa, hot tub, or whirlpool, causing the victim's head to be held under water. Hair entanglement occurs when a bather's hair becomes entangled in a drain cover as the water and hair are drawn through the drain. In some incidents, children were playing a "hold your breath the longest" game. Permitting their long hair to be sucked into the drain. CPSC helped develop a voluntary standard for drain covers that helps reduce the risk of hair entrapment. Consumers should be sure they have new drain covers that meet this standard. If you are not sure, call a pool or spa professional to check the spa. Never allow a child to play in a way that could permit the child's hair to come near the drain cover. If a drain cover is missing or broken, shut down the spa until the cover is replaced.


Bodypart Entrapment -- CPSC knows of 74 incidents since 1990 in which parts of the body have been entrapped by the strong suction of the drain of pools, wad-ing pools, spas, and hot tubs. Of these, two resulted in dis-embowelment and 13 other people died. CPSC helped develop a standard requiring dome-shaped drain outlets and two outlets for each pump. This reduces the powerful suction if one drain is blocked. Consumers with older spas should have new drain covers installed and may want to consider getting a spa with two drains.